The SSL plot thickens... as I was installing the Transactor for a client today, I ran accross this little gem when I tried to import the certificate into the Computer Store:
“An internal error occurred. This can be either the user profile is not
accessible or the private key that you are importing might require a
cryptographic service provider that is not installed on your system”
I had absolutely no idea how to fix this. I loaded the cert on my box just fine, so I know it wasn't the cert. I also know that all the crypto bits on the machine were fine as I had been loading the sandbox certs just the day before. After googling for a bit, I found an entry in an obscure forum where someone else had this exact problem - long story short it happens when you set the MachineKeys folder security for Windows Server 2003.
For some reason, when you add the NETWORK SERVICE identity to the MachineKeys folder (described in my SSL post) it causes a problem with access rights. It doesn't make sense that ADDING a priviledge would do this, but you never know.
So to get around this, I removed NETWORK SERVICE from the MachineKeys ACLs, added the cert with no problem, and then re-addded when i was finished.
